
Backdoor:WinNT/Rustock.B malicious file


Backdoor:WinNT/Rustock.B is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware


Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Backdoor:WinNT/Rustock.B virus do?

  • The binary likely contains encrypted or compressed data.
  • Authenticode signature is invalid

How to identify Backdoor:WinNT/Rustock.B?

File Info:

name: A1A651A35308FE82722D.mlw
path: /opt/CAPEv2/storage/binaries/1ff17a9b01faf3622fb71b9e070cdffab9febc5440c69c29a32256d88e7f4333
crc32: 6FD10101
md5: a1a651a35308fe82722def35257553fe
sha1: 0cc1f147129678e483dbcce87b10fe2d5c4c9bd8
sha256: 1ff17a9b01faf3622fb71b9e070cdffab9febc5440c69c29a32256d88e7f4333
sha512: 7d3d470042832d3ae1f45cfb8b426e6e164e6788ca12b1f967f0b087086d15a2adc55fcffc37c0bfe3debf9d2b60c67369cbcb4bfbf6afe54ead85135777de18
ssdeep: 1536:U6JNRMSRc5gv44ilfyzH1kB5S15wyxhUc4jyKTE+:UUMSy5CilAVkPS1bxq9F
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1946302437B900C54D9E071725ED88C7D6CBB7BBF6A18CE90FD85979E4D66B406A1CC08
sha3_384: 632cb523cb87b525099041f39724d089296c21c776310d78e37d3b853384b228f9448f38044f4cc57815c8c9a4669e1c
ep_bytes: 83ec04892c248d6424fc89342483ec04
timestamp: 2006-06-27 08:12:36

Version Info:

0: [No Data]

Backdoor:WinNT/Rustock.B also known as:

Bkav: W32.AIDetect.malware1
Lionic: Heuristic.File.Generic.00x1!p
DrWeb: Trojan.Siggen.48452
MicroWorld-eScan: Gen:Heur.Krypt.19
FireEye: Generic.mg.a1a651a35308fe82
CAT-QuickHeal: Backdoor.Rustock
ALYac: Gen:Heur.Krypt.19
Cylance: Unsafe
VIPRE: Gen:Heur.Krypt.19
Sangfor: Suspicious.Win32.Save.a
Alibaba: Trojan:Win32/Clicker.89499a4c
Cybereason: malicious.35308f
BitDefenderTheta: AI:Packer.B7231B8A1D
Elastic: malicious (high confidence)
ESET-NOD32: Win32/SpamTool.Mailbot.NAP
APEX: Malicious
Paloalto: generic.ml
ClamAV: Win.Trojan.Agent-583525
Kaspersky: HEUR:Trojan.Win32.Generic
BitDefender: Gen:Heur.Krypt.19
NANO-Antivirus: Trojan.Win32.GenericL.fbaued
Avast: Win32:Susn-F [Trj]
Tencent: Win32.Trojan.Generic.Anhl
Ad-Aware: Gen:Heur.Krypt.19
Sophos: ML/PE-A
Comodo: Malware@#1d9j14pjk6bm1
Zillya: Trojan.Pincav.Win32.6049
McAfee-GW-Edition: BehavesLike.Win32.PWSZbot.kc
Trapmine: malicious.high.ml.score
Emsisoft: Gen:Heur.Krypt.19 (B)
SentinelOne: Static AI – Malicious PE
Jiangmin: Trojan/Pincav.clp
Webroot: W32.Rustock.Rootkit
Google: Detected
Avira: TR/Crypt.ZPACK.Gen
MAX: malware (ai score=98)
Antiy-AVL: Trojan/Generic.ASMalwS.553C
Microsoft: Backdoor:WinNT/Rustock.B
Arcabit: Trojan.Krypt.19
GData: Gen:Heur.Krypt.19
Cynet: Malicious (score: 100)
McAfee: Artemis!A1A651A35308
VBA32: Trojan-Clicker.Win32.Costrat.a
Rising: Trojan.Generic@AI.98 (RDMK:2H4ExiWSRnC1tAFhSzu0Uw)
Yandex: Trojan.Pincav!+KowLk7UeFA
Ikarus: Trojan.Win32.SpamTool
MaxSecure: Trojan.Malware.6011227.susgen
Fortinet: W32/GEN.UAC171W!tr
AVG: Win32:Susn-F [Trj]
Panda: Generic Malware
CrowdStrike: win/malicious_confidence_100% (W)

How to remove Backdoor:WinNT/Rustock.B?

Backdoor:WinNT/Rustock.B removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
